Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/IMdPglYzX5a0Y8UZyR6PoX9F3qI.roa
File: IMdPglYzX5a0Y8UZyR6PoX9F3qI.roa (raw, json)
Hash identifier: LlemrthVpDv3Bg7I6x+S4EwJBWPGL+Tm33DKrH5qsTc=
Subject key identifier: 20:C7:4F:82:56:33:5F:96:B4:63:C5:19:C9:1E:8F:A1:7F:45:DE:A2
Certificate issuer: /CN=792304cece7fb6551d621e257743753d7d3e7eba
Certificate serial: 019423D6E62172D62FEB391281DAD13FDD90
Authority key identifier: 79:23:04:CE:CE:7F:B6:55:1D:62:1E:25:77:43:75:3D:7D:3E:7E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eSMEzs5_tlUdYh4ld0N1PX0-fro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/IMdPglYzX5a0Y8UZyR6PoX9F3qI.roa
Signing time: Wed 01 Jan 2025 21:47:53 +0000
ROA not before: Wed 01 Jan 2025 21:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59574
IP address blocks: 95.215.230.0/23 maxlen: 23
95.215.230.0/24 maxlen: 24
95.215.231.0/24 maxlen: 24
185.204.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/eSMEzs5_tlUdYh4ld0N1PX0-fro.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/eSMEzs5_tlUdYh4ld0N1PX0-fro.mft
rsync://rpki.ripe.net/repository/DEFAULT/eSMEzs5_tlUdYh4ld0N1PX0-fro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e6:21:72:d6:2f:eb:39:12:81:da:d1:3f:dd:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=792304cece7fb6551d621e257743753d7d3e7eba
Validity
Not Before: Jan 1 21:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20c74f8256335f96b463c519c91e8fa17f45dea2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:4d:42:4f:dc:e2:dd:1e:81:9d:37:aa:e2:a4:
dc:5f:15:ca:df:2a:5d:64:1f:82:c3:1b:4e:7a:be:
c5:98:37:f5:5b:12:1e:92:8d:79:5c:53:1d:3f:88:
56:f1:4a:b8:c5:31:ff:0b:16:2c:76:05:06:b5:c3:
88:fd:76:7f:80:d3:e9:b8:ba:9b:6b:6e:1f:ab:a3:
f5:ef:63:2f:60:8e:46:e3:c6:f2:4d:84:f7:a1:a3:
6e:7f:16:42:7b:c8:86:12:17:80:47:a8:50:da:b9:
9a:b2:31:37:56:d1:37:b4:a1:e5:7b:32:de:ef:fb:
20:97:bf:8e:77:06:14:33:55:d9:c4:d9:3e:df:53:
a8:9f:6d:27:b5:12:ea:1b:eb:87:2d:47:85:8f:77:
ce:c9:90:83:52:4d:d3:b7:38:70:7d:0b:3b:3d:72:
6b:6f:c4:28:9e:d7:30:0f:04:a7:9a:0e:e9:45:12:
34:1d:69:d9:2a:f2:ca:ba:0a:6c:bd:d5:9f:13:ba:
be:06:8d:a3:f9:f4:2f:cc:08:e3:3b:78:a4:81:59:
ae:28:9f:92:84:45:e3:92:34:1d:49:ff:f6:1e:4b:
57:5c:62:9e:0d:47:9c:36:95:99:65:b6:34:15:6d:
b1:60:7d:22:ff:3e:6d:83:7f:d7:0a:cf:87:4c:5b:
40:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:C7:4F:82:56:33:5F:96:B4:63:C5:19:C9:1E:8F:A1:7F:45:DE:A2
X509v3 Authority Key Identifier:
keyid:79:23:04:CE:CE:7F:B6:55:1D:62:1E:25:77:43:75:3D:7D:3E:7E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eSMEzs5_tlUdYh4ld0N1PX0-fro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/IMdPglYzX5a0Y8UZyR6PoX9F3qI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/e84b5d-3511-44e9-9261-ed82ae7dbd59/1/eSMEzs5_tlUdYh4ld0N1PX0-fro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.215.230.0/23
185.204.110.0/24
Signature Algorithm: sha256WithRSAEncryption
47:52:c3:8c:75:b7:d6:95:90:4c:ec:3b:46:6b:0a:f2:98:5a:
88:78:e9:42:c1:36:a2:7c:a7:bb:75:69:fe:d4:50:bd:27:8b:
76:7c:57:2f:5e:05:f7:40:44:8f:9d:77:ce:4f:36:55:60:4f:
de:87:1f:eb:26:06:cf:f1:7e:14:96:2c:2a:1e:9b:8a:41:dd:
8c:aa:9a:57:f9:a0:f6:b4:d2:ec:2e:0e:af:a8:e3:4d:a0:3b:
f6:bd:f1:18:85:ca:3e:3c:0f:a3:cb:b6:40:44:09:4b:0e:91:
6b:9b:e5:47:ba:76:25:0e:71:ad:49:11:e2:9f:ce:f8:4c:54:
15:8e:65:e4:b3:aa:3f:a6:ed:3b:7c:b4:ea:f2:13:03:05:4c:
e5:8a:ff:e5:85:79:aa:8d:04:dc:6c:d5:8b:cc:38:69:f0:86:
b1:83:aa:d8:22:ad:a8:7f:75:78:1f:0b:c7:f5:7e:b3:d1:de:
6a:f3:10:34:e1:4f:62:49:48:d1:28:31:4a:29:dc:e2:71:eb:
b8:93:a2:74:1e:3e:cf:32:e9:dc:21:13:3b:da:ae:77:d1:02:
32:2d:dc:de:5e:22:79:92:5b:6e:0a:31:28:c2:23:0f:0d:8d:
dc:6e:59:4a:51:3f:18:31:6f:64:81:6c:8a:de:fd:c6:44:84:
b9:31:ae:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1uYhctYv6zkSgdrRP92QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5MjMwNGNlY2U3ZmI2NTUxZDYyMWUyNTc3NDM3NTNkN2Qz
ZTdlYmEwHhcNMjUwMTAxMjE0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMGM3NGY4MjU2MzM1Zjk2YjQ2M2M1MTljOTFlOGZhMTdmNDVkZWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl01CT9zi3R6BnTeq4qTcXxXK3ypd
ZB+CwxtOer7FmDf1WxIeko15XFMdP4hW8Uq4xTH/CxYsdgUGtcOI/XZ/gNPpuLqb
a24fq6P172MvYI5G48byTYT3oaNufxZCe8iGEheAR6hQ2rmasjE3VtE3tKHlezLe
7/sgl7+OdwYUM1XZxNk+31Oon20ntRLqG+uHLUeFj3fOyZCDUk3TtzhwfQs7PXJr
b8QontcwDwSnmg7pRRI0HWnZKvLKugpsvdWfE7q+Bo2j+fQvzAjjO3ikgVmuKJ+S
hEXjkjQdSf/2HktXXGKeDUecNpWZZbY0FW2xYH0i/z5tg3/XCs+HTFtAIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCDHT4JWM1+WtGPFGckej6F/Rd6iMB8GA1UdIwQY
MBaAFHkjBM7Of7ZVHWIeJXdDdT19Pn66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVNNRXpzNV90bFVkWWg0bGQwTjFQWDAtZnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lODRiNWQtMzUxMS00NGU5LTkyNjEt
ZWQ4MmFlN2RiZDU5LzEvSU1kUGdsWXpYNWEwWThVWnlSNlBvWDlGM3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lODRiNWQtMzUxMS00NGU5LTkyNjEtZWQ4MmFlN2RiZDU5
LzEvZVNNRXpzNV90bFVkWWg0bGQwTjFQWDAtZnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBX9fmAwQA
ucxuMA0GCSqGSIb3DQEBCwUAA4IBAQBHUsOMdbfWlZBM7DtGawrymFqIeOlCwTai
fKe7dWn+1FC9J4t2fFcvXgX3QESPnXfOTzZVYE/ehx/rJgbP8X4UliwqHpuKQd2M
qppX+aD2tNLsLg6vqONNoDv2vfEYhco+PA+jy7ZARAlLDpFrm+VHunYlDnGtSRHi
n874TFQVjmXks6o/pu07fLTq8hMDBUzliv/lhXmqjQTcbNWLzDhp8Iaxg6rYIq2o
f3V4HwvH9X6z0d5q8xA04U9iSUjRKDFKKdziceu4k6J0Hj7PMuncIRM72q530QIy
LdzeXiJ5kltuCjEowiMPDY3cbllKUT8YMW9kgWyK3v3GRIS5Ma58
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:50 2025 by rpki-client